Two vulnerabilities in Android OS kernel

Xiali Hei, Xiaojiang Du, Shan Lin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Scopus citations

Abstract

Android Honeycomb operating system is widely used for tablet devices, such as Samsung Galaxy Tab. The Android system programs are usually efficient and secure in memory management. However, there has been a few security issues reported that show Android's insufficient protection to the kernel. In this work, we reveal a new security pitfall in memory management that can cause severe errors and even system failures. Existing security software for android do not detect this pitfall, due to the private implementation of Android kernel. We then discuss two vulnerabilities introduced by this pitfall: 1) malicious programs can escalate the root-level privilege of a process, through which it can disable the security software, implant malicious codes and install rootkits in the kernel; 2) deny of service attacks can be launched. Experiments have been conducted to verify these two vulnerabilities on Samsung Galaxy Tab 10.1 with Tegra 2 CPU. To protect systems from these vulnerabilities, we proposed a patching solution, which has been adopted by Google.

Original languageEnglish
Title of host publication2013 IEEE International Conference on Communications, ICC 2013
Pages6123-6127
Number of pages5
DOIs
StatePublished - 2013
Event2013 IEEE International Conference on Communications, ICC 2013 - Budapest, Hungary
Duration: 9 Jun 201313 Jun 2013

Publication series

NameIEEE International Conference on Communications
ISSN (Print)1550-3607

Conference

Conference2013 IEEE International Conference on Communications, ICC 2013
Country/TerritoryHungary
CityBudapest
Period9/06/1313/06/13

Keywords

  • Android Honeycomb OS
  • DoS
  • Kernel privileges elevating
  • Nvidia Tegra

Fingerprint

Dive into the research topics of 'Two vulnerabilities in Android OS kernel'. Together they form a unique fingerprint.

Cite this